CVE-2024-43468: ConfigMgr/SCCM 2403 Unauth SQLi to RCE
PATCHED: Oct 8, 2024
Exploit: https://github.com/synacktiv/CVE-2024-43468
Blog: https://www.synacktiv.com/advisories/microsoft-configuration-manager-configmgr-2403-unauthenticated-sql-injections
#git #exploit #ad #rce #sccm #pentest #redteam
PATCHED: Oct 8, 2024
Exploit: https://github.com/synacktiv/CVE-2024-43468
Blog: https://www.synacktiv.com/advisories/microsoft-configuration-manager-configmgr-2403-unauthenticated-sql-injections
#git #exploit #ad #rce #sccm #pentest #redteam
GitHub
GitHub - synacktiv/CVE-2024-43468
Contribute to synacktiv/CVE-2024-43468 development by creating an account on GitHub.
🔥15👍7🤯3
Для изменения пароля пользователя AD, если есть на это право. Утилита написана на С.
https://github.com/decoder-it/ChgPass
#ad #pentest #acl
https://github.com/decoder-it/ChgPass
#ad #pentest #acl
👍30🤔9🔥3😁2😱1🙏1
Forwarded from APT
🔍 Exploring NTDS.dit
This blog post examines the structure of the NTDS.dit file, which stores data for Active Directory. It also introduces DIT Explorer, a new open-source tool designed for analyzing NTDS.dit, demonstrating how it interprets the database to provide a structured view of the directory.
🔗 Research:
https://trustedsec.com/blog/exploring-ntds-dit-part-1-cracking-the-surface-with-dit-explorer
🔗 Source:
https://github.com/trustedsec/DitExplorer
#ad #windows #ntds #dnt
This blog post examines the structure of the NTDS.dit file, which stores data for Active Directory. It also introduces DIT Explorer, a new open-source tool designed for analyzing NTDS.dit, demonstrating how it interprets the database to provide a structured view of the directory.
🔗 Research:
https://trustedsec.com/blog/exploring-ntds-dit-part-1-cracking-the-surface-with-dit-explorer
🔗 Source:
https://github.com/trustedsec/DitExplorer
#ad #windows #ntds #dnt
🔥18👍9
regsecrets как замена secretsdump
Blog: https://www.synacktiv.com/publications/lsa-secrets-revisiting-secretsdump
Script: https://github.com/fortra/impacket/pull/1898/commits/e8f437200248b641b3baa3ce48505232287150e3
#pentest #redteam #ad #creds
Blog: https://www.synacktiv.com/publications/lsa-secrets-revisiting-secretsdump
Script: https://github.com/fortra/impacket/pull/1898/commits/e8f437200248b641b3baa3ce48505232287150e3
#pentest #redteam #ad #creds
🔥24👍4
Про байпас AMSI в 2025. Что-то еще актуально, а что-то уже нет)
https://en.r-tec.net/r-tec-blog-bypass-amsi-in-2025.html
#pentest #redteam #bypass #ad
https://en.r-tec.net/r-tec-blog-bypass-amsi-in-2025.html
#pentest #redteam #bypass #ad
🔥11👍7🤔2
Попался интересный материал про RDP. В блоге про то, какие следы можно найти после использования RDP, и как эти следы не оставлять
https://blog.devolutions.net/2025/03/using-rdp-without-leaving-traces-the-mstsc-public-mode/
P.S. пока сильно не вникал, оставил как заметку📝
#ad #pentest #redteam #bypass #lateralmovement
https://blog.devolutions.net/2025/03/using-rdp-without-leaving-traces-the-mstsc-public-mode/
P.S. пока сильно не вникал, оставил как заметку
#ad #pentest #redteam #bypass #lateralmovement
Please open Telegram to view this post
VIEW IN TELEGRAM
blog.devolutions.net
Using RDP without leaving traces: the MSTSC public mode
Learn how MSTSC’s /public mode works! It blocks credential caching, session details, and bitmap storage, enhancing security. Discover its impact and how to reset MSTSC for a clean slate.
👍34🔥10
CVE-2025-23120: Domain-Level RCE in Veeam Backup & Replication
https://labs.watchtowr.com/by-executive-order-we-are-banning-blacklists-domain-level-rce-in-veeam-backup-replication-cve-2025-23120/
Affected Product:
Veeam Backup & Replication 12.3.0.310 and all earlier version 12 builds.
Patched: March 19, 2025
#ad #pentest #redteam #rce
https://labs.watchtowr.com/by-executive-order-we-are-banning-blacklists-domain-level-rce-in-veeam-backup-replication-cve-2025-23120/
Affected Product:
Veeam Backup & Replication 12.3.0.310 and all earlier version 12 builds.
Patched: March 19, 2025
#ad #pentest #redteam #rce
🔥17👍7🤯3
RemoteMonologue: Weaponizing DCOM for NTLM authentication coercions
PoC: https://github.com/xforcered/RemoteMonologue
Blog: https://www.ibm.com/think/x-force/remotemonologue-weaponizing-dcom-ntlm-authentication-coercions
#pentest #redteam #ad #creds #lateral
PoC: https://github.com/xforcered/RemoteMonologue
Blog: https://www.ibm.com/think/x-force/remotemonologue-weaponizing-dcom-ntlm-authentication-coercions
#pentest #redteam #ad #creds #lateral
🔥13👍5🤔3😱1